![]() ![]() For starters, we are talking about a full exploitation that escapes the sandbox and leads to remote code execution. There are several good reasons why you need to take this new Chrome zero-day ( CVE-2019-5786) seriously. It's not often that we hear about a critical vulnerability in Google Chrome, and perhaps it's even more rare when Google's own engineers are urging users to patch. This shows the benefits for certain applications from being allowed to inject into Chrome, something that Google's new policies have disabled. ![]() In our earlier post we exercised caution before claiming we would have blocked this zero-day, but we can now say with confidence that an older version of Malwarebytes (1.12.1.122) would have mitigated this attack: A proof of concept for CVE-2019-5786 was published by Exodus Intel. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |